Opinions are like a%$*oles, everyone has them and they're usually full of &amp;*it! Argue with our Opinion writers or add your own. Who knows... a great opinion post could land you a featured opinion article!

I agree with Haybusa, how hard will it be to clone and rewrite on something else. wear one of those running id holders like the one here.

Not like you have to leave the park. If done right, a Crym could charge lots of crap to someone, and it'll be harder to dispute with the company. small enough charges don't have to show id. And think if that Crym was someone working at the park, in that micky costume. Ask little Billy how long they're there for, making small talk, and suddenly know how long he has to use that family's account

I think that this shows that Disney is out of touch slightly. they only think of this from the privacy side. didn't see anything talking about the fraud side.

I don't have any further information about how Disney plans to implement this, but fraud within the parks would be very easy to detect. They're using RFID to track visitors. Each RFID chip will be uniquely identifiable, so they would be able to detect you pulling Fast Passes at the Magic Kingdom while simultaneously shopping at Downtown Disney.

The question is, will they implement fraud detection in the system? If the fraud becomes rampant enough that they're losing money, they will.

Agreed that, if done right, they'll hopefully at least minimize their exposure. For instance, a user in line for a ride with a 'quick pass' from their bracelet VERY likely isn't in a store half-way across the park, at the same moment. Still, with the sheer number of the bracelets that could potentially be in use, daily, it's a guarantee that someone WILL exploit things, somehow.

Perhaps a required passphrase if in the stores, etc, to go with the bracelets, so that, at least then, there's MUCH less chance of excess abuse / spending. At least that way, they'd really need to both 'drive by' scan the rfid AND shoulder surf, to get the passphrase.

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

I think it would depend how how they set the system up to begin with. The biggest thing I can think of, one family all using the same card. So that could mean that some are in one area, some in other buying at the same time. think Dad and son on the rides, mom and daughter shopping.

So, how much information do they need to actually make the sale. How much do they read. And what parts could be re-written.

If I knew more about rewriting the stuff, I'd love to get my hands on a couple just to see.

We don't know how they will implement this system. It would be nice to get more details on their implementation.

Suppose they do something like this:1) Only adults can have credit card info on their bracelets2) 2 factor authentication: You need the bacelet and a 5 digit pins (for example)3) There is a fraud detection mechanism in place4) Once your holiday at Disney is over, the bracelet doesn't work anymore (so you couldn't buy anything with it at Disney Marketplace for example)5) You can only allow a max of $500 per day (to limit the damages)6) You are still protected by the credit card company insurance

We also have to keep in mind that the bracelet will only have an ID with it. So a potential thief couldn't use this information outside Disney's walls.

I believe that all these combined wouldn't be too bad. And don't forget, there are still pick pockets that can easily still your wallet while you wait in line...

I'm still wondering if you could just over write the cc info and go from there. All your other data matches, but charging to someone else's card.

As for the pickpockets, those are still around. Like anything else, you have to worry about the hotel staff, card skimmers, child abductors, etc. I just think that Disney is looking at weakening their security posture by chasing something easy to use.

Personally, and this is just my opinion, I don't think the magic kingdom bracelets will last long.

H1t M0nk3y wrote:We also have to keep in mind that the bracelet will only have an ID with it. So a potential thief couldn't use this information outside Disney's walls.

All the relevant information will indeed be in the system, not on the RFID. Yes, you can replicate the RFID signal, but unless it interacts with Disney's computers, the RFID info will be useless. It does look like they stamp a first name on the actual bracelet, but no last name.

There is also a pin required for purchases over $50, and if you don't want the RFID associated with a CC, you don't have to have them include it (similar with the room keys for those staying in a Disney resort). In fact, you don't have to have any information on it - in which case you just use it for fastpass+.